Transcription
Comunidad de CiscoCommunity Live eventUmbrella Roaming Client-Diagnóstico de fallasLuis Silva, Ingeniero de Soporte Técnico, CISSP, CCIE #36825Eduardo Salazar, Sr. Service Delivery ManagerDiciembre 18, 2019
Novedades &Eventos próximos 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Ask Me Anything– Sesión del eventoHasta el Viernes 20 Diciembre, 2019ConLuis Silva & Eduardo Salazarhttp://bit.ly/ama-umbrella-dec19Luis SilvaIngeniero de Soporte TécnicoCCIE #36825 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialEduardo SalazarSr. Service Delivery Manager
Evento Ask Me Anything – ¡El último del año!Configuración, Implementación y Troubleshooting de Redes Wireless AirOSHasta el viernes 20Diciembre 2019ConDaniel Ordoñezhttp://bit.ly/pregunteAirOS 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialInsert event banner
Programa Especial – Community Helping CommunityÚnase a Cisco para ayudar a Doctors Without Borders (Médicos Sin Fronteras) a brindarasistencia médica en donde más se necesita.Hasta Enero 2019Insert event bannerConozca máshttp://bit.ly/chelpc-slides-es 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Califique el contenido de la Comunidad deCisco en Español¡Califique “Discusiones, Documentos y Videos!Ayúdenos a identificar el contenido de calidad y a reconocer el esfuerzo de losintegrantes de la Comunidad 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Reconocimientos en la ComunidadParticipante DestacadoReconocimiento mensualDiseñado para reconocer y agradecer aquienes colaboran en la comunidad:publicando contenido o participando en discusiones 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Gracias por su asistencia el día de hoyLa presentación incluirá algunas preguntas a la audiencia.Le invitamos cordialmente a participar activamente en las preguntas que leharemos durante la sesión 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential¡Resuelva su dudas y comparta opiniones!
Expertos de la Comunidad de CiscoLuis silvaIngeniero de Soporte TécnicoCCIE #36825 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2019Eduardo SalazarSr. Service Device Manager
¡Gracias por estarcon nosotroshoy día!http://bit.ly/cl-slides-dec2019 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
¡Haga sus preguntas al Panel de Expertos!Use el panel de preguntasy (P&R / Q&A) parapreguntar a los expertos.Sus preguntas serán respondidaseventualmente 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco CommunityCommunity Live eventTroubleshooting UmbrellaLuis Silva, Ingeniero de Soporte Técnico, CISSP, CCIE #36825Eduardo Salazar, Sr. Service Delivery ManagerDiciembre 18, 2019
Agenda Introducción Pre-requisitos de instalación Estados del agente 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialEstrategias de diagnostico defallas
¿Ha utilizado la solución deseguridad de Cisco Umbrella?Polling question 1 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialA.SíB.No
¿Dónde encaja Umbrella?Network y endpointNGFWNetflowPrimera LíneaAVAVHQRouter/UTMAVAVBRANCH 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialTodo comienza con DNSPrecede la ejecución dearchivos y la conexión IPNetwork y endpointProxySandboxMalwareC2 CallbacksPhishingEndpointAVROAMINGUtilizado por todos losdispositivosCualquier Puerto
Porque el Roaming client 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-Requisitos 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-Requisitos (ERC) Sistemas Operativos Soportados Windows 10 con .NET 4.5 Windows 8 (incluye 8.1) (64-bit) con .NET 4.5 Windows 7 (64-bit/32-bit) con .NET 3.5. Mac OS X 10.11 o más reciente. Sistemas Operativos No Soportados Windows Server (Todas las Versiones) Windows RT (Actualmente no soporta procesadores ARM) Mac OS X 10.8 o anteriores.Más detalles en: /2-prerequisites-update 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-Requisitos (AnyConnect) Windows 7 (or posterior) x86 (32-bit) and x64 (64-bit) El VPN Module requiere Visual Studio 2015 32-bit runtime. El Roaming Security Module requiere .NET framework (3.5como mínimo) Mac OS X 10.9 (o superior) Mínima versión: 4.3 MR1 Versión mínima recomendada: 4.3 MR4 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-Requisitos – DNS 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-Requisitos – Encripcion 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-Requisitos – HTTP/HTTPS Registro InicialRevisión de disponibilidad de una versión actualizadaReporte de statusActualización de “internal domains” 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Estados del Agente 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Estados de Roaming ClientEstadoColor del íconoDescripciónReservedGrisRevision del estado de laconecxion.Redes no activas.OpenAmarilloNo se puede conectar con208.67.222.222 por 53/UDPProtectedAmarilloDNS64 detectado. Peticiones deDNS de IPv4 e IPv6 estanprotegidasTransparentNo dotURC es capaz de conectar con208.67.222.222 en puerto53/UDP, pero no 443/UDP 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Estados de Roaming ClientEstadoColor del ÍconoDescripciónEncryptedNo dot443/UDP.Protected NetworkNo dot“Deshabilitar detrás de redesprotegidas”Behind Virtual ApplianceNo dotSe detecto un VA en la redUnprotectedRojoAgente no protegiendo la red 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Estados de AnyConnectEstadoColor del ÍconoDescripciónReservedNaranjoRevision del estado de laconecxion.Redes no activas.OpenAmarilloNo se puede conectar con208.67.222.222 por 53/UDPProtectedVerdeSe puede conectar208.67.222.222 en Puerto53/UDP, pero no 443 UDPEncryptedVerdeSe puede conectar208.67.222.222 en Puerto443 UDP 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Estados de AnyConnectEstadoColor del ÍconoDescripciónProtected NetworkVerde“Deshabilitar detrás de redesprotegidas”Behind Virtual ApplianceVerdeSe encuentra un VA en la redVPN Trusted Network StateGrisRed protegidaDisabled due to VPN StateGrisVPN activo 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Estados de AnyConnectEstadoColor del ÍconoDescripciónNo OrgInfo.json StateRojoNo hay un perfilAgent Unavailable StateRojoServicio no activoMissing .NET DependencyState (Windows only)RojoMicrosoft 4.0 NET frameworkno instalado 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
¿En qué escenarios puedo hacer undespliegue del Roaming client enmis computadoras?Polling question 2A.B.C. 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialCuando necesito saber el usuariodel Directorio ActivoCuando tengo usuarios remotoso fuera de la redCuando necesito un VPNconectado a todo momento
Deteccion de Fallas 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Conectividad Básica Wired – Wireless IP Address Puerta de enlace (DG) ARP Ping DG Ping Internet 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Revisar JSON file AnyConnect Windows: %ProgramData%\Cisco\Cisco AnyConnect Secure MobilityClient\Umbrella\oMac: /opt/cisco/anyconnect/Umbrella/Nota: Debe crear la estructura de este folder por adelantadoRoaming Client C:\ProgramData\OpenDNS\ERC\ 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico Verificación del servicio https://welcome.umbrella.com/ 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico – Process (/bin/ps wwaux)/opt/cisco/anyconnect/bin/dnscrypt-proxy --user nobody --localaddress 127.0.0.1:53 -plugin /opt/cisco/anyconnect/lib/libdcplugin erc.so -d/Applications/Cisco/Cisco AnyConnect Secure MobilityClient.app/Contents/MacOS/Cisco AnyConnect Secure Mobility Client psn 0 139298/Applications/Cisco/Cisco AnyConnect Secure Mobility t -console 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico – Process (Windows) AnyConnect: acumbrellaagent.exe Standalone: ERCService.exe 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Folders Importantes (Roaming Client) Logs C:\ProgramData\OpenDNS\ERC\Open DNS ERC Service.log C:\ProgramData\OpenDNS\ERC\OpenDNS ERC UI.log Otros Archivos C:\Program Files (x86)\OpenDNS\OpenDNS Enterprise Roaming Client –The default install path. C:\ProgramData\OpenDNS\ERC\manifest.json – Indicates what version toupgrade to, if not matching. C:\ProgramData\OpenDNS\ERC\OrgInfo.json – Contains organizationId,fingerprint, and userId. 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Folders Importantes (Roaming Client) C:\ProgramData\OpenDNS\ERC\resolv.conf – Almacena IPs de los servidoresoriginales DNS para requisiciones proxying NXDOMAIN DNS (ejemplo: parabuscar recursos LAN).C:\ProgramData\OpenDNS\ERC\whitelist – Permite la Lista de Dominio(s)[desde Dominios internos (Roaming) en el dashboard]; whitelist.txt es removidosi los dominios no son colocados.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenDNSRoaming Client – Comienza el shortcut link para es – La carpeta contiene losinstaladores de enDNSService MM DD YYYY.mdmp – Si ERC falla, un Dumps dir es creado para almacenar dump files. 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
AnyConnect Estadísticas 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
AnyConnect Estadísticas 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Diagnósticos (Diagnostics) Windows:%Program Files (x86)%\Cisco\Cisco AnyConnect Secure MobilityClient\UmbrellaDiagnostic.exe Mac OS / Descargar “Diagnostic cles/234692027-Umbrella-Diagnostic-Tool 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Diagnostics 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Diagnostics 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico – Mi IP addressWindows command: nslookup myip.opendns.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico - DigWindows command: nslookup internetbadguys.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico– Dig 208.67.222.222Windows command: nslookup internetbadguys.com 208.67.222.222 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Basico– Dig 4.2.2.1Windows command: nslookup internetbadguys.com 4.2.2.1 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Umbrella Block Page - Direcciones IPs 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico - TracerouteWindows command: tracert internetbadguys.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico - TracerouteWindows command: tracert 208.67.222.222 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
¿Qué URL se utiliza para saber siestamos utilizando Umbrella en lared?Polling question 3 2019 Cisco and/or its affiliates. All rights reserved. Cisco la.comC.Signup.umbrela.comD.Ninguna de las anteriores
Troubleshooting Básico - Traceroute 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialWindows command: tracert api.opendns.com
Troubleshooting Básico– debug.opendns.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialWindows command: nslookup -timeout 10 -type txt debug.opendns.com
Troubleshooting Básico – Ping* También compruebe la conectividad a DG, ISPWindows command: ping rtr1.mia.opendns.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico– DNS configWindows command: ipconfig /all 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico– Capturas Windows RawCap leshooting-Packet-and-DNS-Captures 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico– Capturas (Ambos) 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico – DNS https://dnsleaktest.com/results.html 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Información Útil Test Phishing: http://www.internetbadguys.com Test Malware: http://www.examplemalwaredomain.com http://malware.opendns.com/ Test CnC: http://www.examplebotnetdomain.com Test Content Filtering: http://www.exampleadultsite.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Información Útil Intelligent Proxy http://proxy.opendnstest.com/index.html 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Información Útil IP Layer Enforcement http://ipblock.opendnstest.com/unproxied.html 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Básico – Windows tracert 208.67.222.222 tracert 208.67.220.220 tracert api.opendns.com. nslookup -timeout 10 -type txt debug.opendns.com. 208.67.222.222 nslookup -timeout 10 -type txt debug.opendns.com. ipconfig /all 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Verificar Certificado Cisco Para descifrado HTTPS y bloqueo de página, verifique que elcertificado de Cisco se encuentre instalado 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Información Útil Compatibilidad VPN bility Problemas CDN ing-issues-with-CDNs-andtroubleshooting-steps) Roaming Client KB 607008-RoamingComputers-Roaming-Client- 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Taloshttps://talosintelligence.com/reputation center/lookup?search internetbadguys.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Investigatehttps://investigate.umbrella.com/ 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pruebe Umbrella sin costoComience su pruebagratuita 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialLink: https://signup.umbrella.com/
Resuelva sus dudasUtilice el panel de Q&A o P&Rpara realizar sus preguntas 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Ask Me Anything– Sesión del eventoHasta el Viernes 20 Diciembre, 2019ConLuis Silva & Eduardo Salazarhttp://bit.ly/ama-umbrella-dec19Luis SilvaIngeniero de Soporte TécnicoCCIE #36825 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialEduardo SalazarSr. Service Delivery Manager
La Comunidad de soporte tiene otros IdiomasSi habla Portugués, Japonés, Ruso, Chino o Inglés lo invitamos a participar en otro idioma.Cisco CommunityInglésNuevaCommunauté CiscoFrancésСообщество CiscoRusoシスコ コミュニティJaponésComunidade da CiscoPortugués 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential思科服务支持社区Chino
Lo invitamos a nuestros próximos eventos enRedes SocialesTwitter 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialFacebook @CiscoTSLatam Cisco TS- Latam @cisco spain Cisco España @cisco support @Cisco LA Cisco LatinoaméricaCiscoCommunity
Lo invitamos a nuestros próximos eventos enRedes SocialesAppYouTube CiscoLatam ciscocommunity 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Technical SupportLinkedIn Cisco Community
¡Nos interesa suopinión!Por favor complete la encuesta,aparecerá en la pantalla de su buscador 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
¡Gracias por acompañarnosen el último evento del año! 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Diciembre 18, 2019 Comunidad de Cisco Community Live event Luis Silva, Ingeniero de Soporte Técnico, CISSP, CCIE #36825 Umbrella